Grab Builds Secure Agentic AI Workload Platform

Source: InfoQ · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Cloud Computing & IT Infrastructure · Depth: Advanced, short

Summary

Grab's cybersecurity and platform engineering teams have developed Palana, a proprietary, Kubernetes-native secure execution platform designed to safely run autonomous artificial intelligence workloads. Palana provides a secure, isolated runtime environment with deterministic guardrails for model-driven applications, addressing the inherent security risks of highly autonomous agents, such as prompt injection, logic hijacking, and hallucinations. The platform establishes isolation using a zero-trust model, assigning each agent its own Kubernetes namespace with restrictive Role-Based Access Control and custom network policies. For secrets management, Palana decouples credentials from the agent: sensitive API keys are stored in HashiCorp Vault, and an intermediate proxy replaces placeholder tokens with the real values during outbound API calls, so the agent itself never holds them. All egress traffic is routed through an Envoy proxy and Open Policy Agent for real-time decryption, validation, and audit trails, with external kill switches for compromised agents.

Key takeaway

MLOps engineers and AI architects deploying autonomous agents should recognize that traditional security models are insufficient. Infrastructure-level controls such as dedicated Kubernetes namespaces, zero-trust network policies, and proxy-based secrets management are needed to contain agent risks. This approach prevents prompt injection, logic hijacking, and data exfiltration, ensuring AI workloads operate securely. Consider external control-plane mechanisms for agent lifecycle management and network kill switches.

Key insights

Secure AI agent platforms require infrastructure-level isolation, dynamic secrets management, and controlled egress to mitigate inherent non-deterministic risks.

Method

Implement a Kubernetes-native platform using custom resources and operators to provision isolated namespaces, manage secrets via proxy, and control egress through a centralized authorization service.
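The placeholder-substitution secrets proxy described in the Summary and Method above, as an added example that is not Palana's code: the agent only ever holds placeholder tokens, the proxy resolves them only for destinations the agent's policy binds that secret to, and every decision is recorded for audit. The `{{secret:name}}` syntax, the host names, and the in-memory stand-in for Vault are assumptions.

```python
# Added example (not Grab's Palana code): a minimal credential-substitution
# egress proxy. The agent only ever holds placeholders like {{secret:billing}};
# the proxy resolves them from a constructed in-memory "vault", and only for
# destinations the agent's policy binds that secret to.
import re
from dataclasses import dataclass, field

PLACEHOLDER = re.compile(r"\{\{secret:([a-z0-9_-]+)\}\}")

@dataclass
class EgressPolicy:
    allowed_hosts: set      # hosts this agent may reach at all
    secret_bindings: dict   # secret name -> hosts allowed to receive it

@dataclass
class SecretsProxy:
    vault: dict             # stands in for HashiCorp Vault (constructed values)
    policies: dict          # agent_id -> EgressPolicy
    audit: list = field(default_factory=list)

    def forward(self, agent_id, host, headers):
        """Authorize one outbound call; return (verdict, rewritten headers).
        On deny, headers are dropped so the real secret can never leave."""
        policy = self.policies.get(agent_id)
        if policy is None or host not in policy.allowed_hosts:
            self.audit.append((agent_id, host, "deny:host"))
            return "deny", {}

        def resolve(match):
            name = match.group(1)
            if host not in policy.secret_bindings.get(name, set()):
                raise PermissionError(name)  # secret not bound to this host
            return self.vault[name]

        try:
            rewritten = {k: PLACEHOLDER.sub(resolve, v) for k, v in headers.items()}
        except PermissionError as exc:
            self.audit.append((agent_id, host, f"deny:secret:{exc}"))
            return "deny", {}
        self.audit.append((agent_id, host, "allow"))
        return "allow", rewritten

def build_demo_proxy():
    """Constructed sample: agent-1 may reach api.example.com and docs.example.com,
    but the 'billing' key may only be sent to api.example.com."""
    policy = EgressPolicy(allowed_hosts={"api.example.com", "docs.example.com"},
                          secret_bindings={"billing": {"api.example.com"}})
    return SecretsProxy(vault={"billing": "sk-REAL-KEY"}, policies={"agent-1": policy})
```

A prompt-injected agent that tries to send its placeholder to a host outside its policy gets a deny and an audit entry, and the real key is never materialized.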

Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Security Engineer, MLOps Engineer, AI Architect

Editorial summary, takeaway, and curation by AIssential. Original article published by InfoQ.